Net Optics Smart Filtering none User Manual

26

*** Confidential - DO NOT Distribute ***

Director

When you define a filter, you specify and action to be taken when the filter conditions are met. The action can be either

drop or redir (meaning redirect). If the action is drop, then packets which meet the filter criteria are dropped, that is,

they are not copied to any Monitor port. If the action is redir, then packets which meet the filter criteria are copied to

all Monitor ports listed in the redir_ports=<portlist> parameter.

Copy Traffic From Any Network Port to Any Monitor Port

Director can be used like a Matrix Switch to direct traffic from any Network port to any Monitor port. To create a

simple switch connection, use a filter add command without specifying any filters.

The filter add command creates pending filters (including switch settings); they are not activated until a filter commit

command is executed. Any number of filter add commands may be issued prior to executing the filter commit command.

Other CLI commands may be executed between the filter add commands as well.

To monitor Network Port 1 on Monitor Port 2, and Network Port 3 on Monitor Port 1:

Enter

1.

filter add in_ports=n1.1 action=redir redir_ports=m.2. The switch connection is pending.

Enter

2.

filter add in_ports=n1.3 action=redir redir_ports=m.1. The switch connection is pending.

Enter

3.

filter commit. The switch connection is activated.

Monitor Port 2

Network Port 1

Monitor Port 1

Network Port 3

filter add in_ports=n1.1 action=redir redir_ports=m.2

filter add in_ports=n1.3 action=redir redir_ports=m.1

Matrix switch connections

Figure 22:

Aggregate Traffic From Any Set of Network Ports to Any Monitor Port

Director can be used like a Port Aggregator or a Link Aggregator, copying traffic from multiple Network ports to any

Monitor port. The filter add command is again used to do this. The only difference from using the command to connect

a single Network port to a single Monitor port is that a list of Network ports is specified.

To copy aggregated traffic from Network Port 1 and Network Port 2 to Monitor Port 3:

Enter

1.

filter add in_ports=n1.1,n1.2 action=redir redir_ports=m.3. The aggregation connection is pending.

Enter

2.

filter commit. The aggregation connection activated.

Note that in this example, Network Port 1 and Network Port 2 may be Span ports, or they can be a paired in-line

network link. The Network port list in the filter add command always applies to the traffic received at the port, not the

traffic transmitted out the port. Therefore, if Network Port 1 and Network Port 2 are an in-line link, then Director has

been configured to act as a Port Aggregator, combining the traffic from both directions on the in-line link and copying it

to the Monitor port.